• Languages
Language (English)
  • Українська (UA)
  • Русский (RU)
  • English (EN)
  • Deutsch (DE)
  • Français (FR)
  • Español (ES)
  • Беларуская (BY)
  • Български (BG)
  • Polska (PL)
  • Čeština (CZ)
  • Slovenský (SK)
  • Lietuvių (LT)
  • Latvijas (LV)
  • Nederlands (NL)
  • Português (PT)
  • Italiano (IT)
  • Svenska (SV)
  • Norsk (NO)
  • Dansk (DK)
  • ქართული (GE)
  • Română (RO)
  • Magyar (HU)
  • Ελληνικά (EL)
  • Deutsch (AT)
  • العربية (AR)
  • Türkçe (TR)
  • Azərbaycan (AZ)
  • Татарча (TAT)
  • 日本語 (JP)
  • 中文 (CN)
  • 한국어 (KR)

    Logo

    support informnapalm
    Navigation
    • Home
    • News & OSINT
      • Donbas
      • Crimea
      • Syria
      • Georgia
      • World
      • Summaries
      • Misc
      • Social review
    • Top Investigations
    • History
    • About Us

    Marfa: Identification of Propagandist and Militant Recruiter

    on 06/23/2017 | | Donbas | News | UCA Print This Post Print This Post
    • ru
    • de
    • cz
    • ua
    • en
    • bg
    • sv

    One evening, over a glass of Lviv beer together with hacktivists from UkrainianCyberAlliance (UCA) and CyberHunta we took up the issue of blocking Russian social media in Ukraine. All our agreed that VK and Odnoklassniki are platforms tailored to spread Russian propaganda and disinformation in Ukraine’s media environment and that they are one of the main weapons wielded by Russia’s military and political leadership in its hybrid aggression against Ukraine and other countries.

    In the conversation, one of the hacktivists mentioned an interesting story or, should we say, a small operation aimed at identifying a vocal anti-Ukrainian advocate and a prolific administrator of separatist groups on social media in charge of more than twenty active groups with more than 400,000 subscribers. Just think of it! 400,000 users, of whom more than 70% are Ukraine’s nationals. Since late 2013, all of them were fed weaponized information from the “active measures” experts with the blessing and backing of Russian politicians, members of parliament and oligarchs connected to the government.

    With the blessing of our hacktivist friends we decided to make a detailed piece about this pinpoint operation. Before reading this story, you are well advised to read our previous materials on this subject [1], [2], [3], [4].

    The case in point is Marfa Vasilyevna, a notorious administrator of separatist groups on social media. She managed more than twenty active anti-Ukrainian groups on VK and Odnoklassniki social networks, including IA Novorossia, MIA Novorossia, Novorossia Today, Antimaidan, Novorossia | SaveDonbassPeople | Antimaidan, Novorossia, Donetsk | Lugansk | Novorossia.

    An effective clue for the identification of a real person behind Marfa’s anonymous account came from the work-related chat of Luhansk and Donetsk People’s Republics (LPR/DPR) propaganda officers, which had been hacked earlier. With some sadness, Marfa reported that the updated list of journalists accredited by the DPR, which was published on Myrotvorets site, contained her data and that of her husband.

    It meant that there was Marfa’s real personal data somewhere among 5,000 records on the list. That was interesting enough, and hacktivists supported by Myrotvorets staff started their long journey through the hacked chat of Novorosinform staffers in the quest for some workable clues. Having reviewed what turned out later to be Marfa’s close contacts [1], [2], they managed to find out her e-mail address and phone number:

    The search for letyaga-ya@yandex.ru e-mail address on social media returned a Facebook page of Katia Borzova.

    The search for “Borzova” in the published list of journalists returned the following record:

    The last and first names, as well as the phone number, are the same. However, a different e-mail address was indicated on the list of accredited journalists: solnushkovasilek-8886@yandex.ru. The name of the owner of this e-mail account was indicated as Katia Stetsenko in one of the documents handed over for analysis. The same e-mail account is linked to the VK account of Yekaterina Morozova.

    So, we have now two e-mail accounts and three Yekaterinas (Ed.: or Katias, informally): Borzova, Morozova, and Stetsenko. Confusing, isn’t it? But do you remember that Katia mentioned her husband in the chat with colleagues? The search for one of the last names produced Denys Stetsenko mentioned in the dump files as DNR Television and Radio Company’s video engineer and an employee of Radio Respublika.

    There were too many Stetsenko’s on social media, so the hacktivists opted for a different approach. They broke into the e-mail account of the editor-in-chief of Radio Respublika, a propaganda outlet where Stetsenko used to work earlier, and requested Denys’ information from the HR department allegedly for the “Ministry of State Security” in her name.

    Then encouraged by the account owner’s hospitality, they also decided to chat on Facebook with other HR specialists of the radio station… …And found out that Katia and Denys had recently been interrogated by the DPR “Ministry of State Security” because of a publication discrediting Zakharchenko.

    By joint effort, they located the account of Denys, Katia’s partner. There, they found a page of Katia Borzova renamed later into Yekaterina Morozova. Her photos had been deleted from the account earlier but were found on websites with VK page caches. It can be seen that the young woman’s hair hue is the same as the woman’s featured on the photo with the chief terrorist Zakharchenko. This photo was uploaded into Marfa Vasilyevna’s photo album.

    After that, UCA’s hacktivists went all-in by posing as an officer of the DPR “Ministry of State Security” and requesting passport copies of Denys and Marfa via hacked VK account of another recruiter Vladimir Yezepchuk.

    When Stetsenko friended Yezepchuk, hacktivists found out how old Yekaterina was. Of course, they did not get the passport scans. However, a mention of a conversation with Radio Respublika’s editor-in-chief about Denys’ personal data, he reluctantly acknowledged he knew Yekaterina and was prepared to invite her to chat online.

    Hacktivists contacted Borzova (and Denys phoned her with a request to go online on VK). It was easy as pie to confirm that this was the actual person running the Marfa account. The “split personality” of Katia-Marfa became split even more when some Elena was mentioned who had co-managed the Marfa account together with Yekaterina. One becomes really inventive in order not to end up “in the dungeon”. Interestingly, Yekaterina had already been interrogated by the “Ministry of State Security” regarding her social media accounts and her activity on social media.

    And that was it! Meet Yekaterina Sergeievna Borzova, (Ed.: the name is spelled in transliteration from Russian, as she would definitely prefer) born on: February 17, 1988, tax identification number: 3234303709, registered address of residence: 2 Vulytsia Varhanova, apartment 26, Mariupol, Donetsk Region.

    Google confirms that a female code-named “Marfa” used to recruit militants and informers in Donbas in 2014 and 2015 in the occupied territories. We have grounds to believe now that this “Marfa” is the same Yekaterina Borzova. However, it is up to the Ukrainian intelligence and law enforcement agencies to establish it.

    Disclaimer:

    Evidence data was exclusively provided to InformNapalm by the hacktivists of the Ukrainian Cyber Alliance. InformNapalm Community bears no responsibility for the sources and origin of the data.” 

    This publication was prepared by Mikhail Kuznetsov specially for InformNapalm.

    Translated by Oleksandr Ivanov, edited by Artem Velichko
    An active link to the authors and our project is obligatory for any reprint or further public use of the material.
    (Creative Commons — Attribution 4.0 International — CC BY 4.0)
    Repost and share with friends.
    For notifications about InformNapalm investigations follow us on Facebook, Twitter and Telegram.

     

    Tags: Marfarussian propagandaUCA

    Recent Posts

    • Andriy Derkach and his tapes. About one special operation to interfere in the US presidential election

      08/10/2020 - 0 Comment
    • The Suicide Squad: top managers of the Russian public sector dying suspiciously during wartime. Infographics.

      07/11/2025 - 0 Comment
    • Hacked: Deputy Defense Minister of Russia Pavel Fradkov. Business interests of Kadyrov and Kabaev in the temporarily occupied territories of Ukraine

      05/01/2025 - 0 Comment
    • Analysis and examples of sanctions evasion schemes used by Russian military-industrial complex

      04/28/2025 - 0 Comment

    Related Posts

    • The Kremlin is preparing bloody false-flag special operations in Russia

      03/16/2022 - 0 Comment
    • Russian information warfare: What to expect next?

      02/26/2022 - 0 Comment
    • Document on disinformation operations against Ukraine handed over to the volunteers

      12/27/2021 - 0 Comment

    No Responses to “Marfa: Identification of Propagandist and Militant Recruiter”

    Leave a Reply Cancel Reply

    Your email address will not be published. Required fields are marked *


    *
    *

    Follow us on social media
    Slate | Sl8 | InformNapalm
    does not receive any financial support from any country’s government or large donors. Only community volunteers and our readers help us to maintain the site. You can also become one of the community volunteers or support InformNapalm with your donations:

    Patreon

    BuyMeACoffee

    USDT TRC-20: TUbRscbCFns4kvWbUnQRBow9ajxSXwxFJU

    Ethereum: 0xf8979c0e0f82EaF1E79704Eb10b750906868cb72

    Bitcoin: bc1qj6nmqwc75tkwv5zuq4x8ljq94xwqp2msf5kyv3

    • Home
    • Privacy Policy
    • Contact Us
    © 2014-2019. «InformNapalm». CC BY 4.0